IP Header is defined in RFC 791, this header includes a 1 byte field called the Type of Service (ToS) byte. This Tos byte is used to mark the packet for a specific type of treatment or prioritization.

The ToS byte itself is subdivided with the high order 3 bits defined as the IP Precedence field (IPP)

The use of the high order 3 bits IPP in the ToS byte determined prioritization for the packet, later a series of RFCs called Differentiated Services (DiffServ) came along, which required redefining the use of the ToS byte because DiffServ required more than 3 bits. The ToS byte was renamed the Differentiated Services Field and IPP was replaced with a 6 bit field called Differentiated Services Code Point (DSCP).

Later RFC 3168 defined a use for the last two low order bits in the DiffServ field for use with the QoS Explicit Congestion Notification Feature.

What happens when you have encrypted traffic that requires priority across a network before its encapsulated. The ToS byte of the original packet is automatically copied to the tunnel header (IPSEC tansport, tunnel mode, and GRE tunnels) but this does not work for features like NBAR.

The problem derives from the fact that tunnel encapsulation prevents a router to take egress QoS actions based on encrypted traffic. To resolve this, Cisco IOS includes QoS pre-classification. This allows routers to make egress QoS decisions based on the original traffic, before encapsulation rather than encapsulating the tunnel header. It works by keeping the original unencrypted traffic in memory until the egress QoS actions are taken.

Traffic policers measure the traffic rate for data entering or exiting an interface with the goal of determining whether a traffic contract has been exceeded. The traffic contract consists of two components:

Traffic Rate configured in bits/second

Burst Size: configured as a number of bytes

If traffic is within the contracted rate its considered to be conformed and may pass through.

If traffic exceeds the contracted rate its subject to being dropped.

However there is a compromise action that takes place in which a policer marks down packets instead of dropping them. It remarks the exceeded packet using IPP or DSCP to a value that makes the packet more likely to be discarded downstream but still allows the packet to pass through the local router.

The following list summarizes the key points regarding more complex matching options:

Up to four CoS and IPP or eight DSCP values can be listed on a single match cos, match precedence, or match dscp command

If a class map has multiple match commands in it, the match any or match all parameter on the class map defines whether a logical OR or a logical AND (default) is used between the match commands

the match class name command refers to another class map by name, nesting the named class map’s matching logic, the match class name command is considered to match if the referenced class map also results in a match to the traffic it defines.

Cisco created Modular QoS CLI to help resolve problems with a multitude of QoS configuration commands becoming unorganized or standardized. MQC helps by defining a common set of configuration commands to configure many QoS features in a router or switch.

MQC seperates the classification function of a QoS tool from the action (PHB) that it wants to perform. MQC is seperated into three major commands, with several subordinate commands:

Class-Map: command defineds the matching parameters for classifying packets into service classes

Policy Map: PHB actions such as Marking, Queueing, and so on are configured under a Policy-map command

Service Policy: a Policy Map is enabled on an interface by using the service-policy command.

Classifying packets requires the use of class maps to define your traffic.

Setting an action to your defined class-maps is done by referencing the class map within the policy map and setting an appropriate action.

The QoS Policy that’s been created which defines your traffic, and how you want to treat your traffic is enabled under an interface configuration using the service-policy commands and you can apply those commands on ingress or egress of an interface.

Frame Relay and ATM support a single bit that can be set for QoS but this single bit is actually intended for use related to drop probability. If a Frame Relay device sends a Frame with this bit set to 1, that frame will be considered to be dropped. This is referred to in Frame Relay as the Discard Eligibility bit (DE) or in ATM Cell Loss Priority (CLP) bit.